[Secure-testing-commits] r6321 - data/CVE
stef-guest at alioth.debian.org
Wed Aug 15 19:10:19 UTC 2007
Author: stef-guest
Date: 2007-08-15 19:10:19 +0000 (Wed, 15 Aug 2007)
New Revision: 6321
Modified:
data/CVE/list
Log:
new issues: flashplugin-nonfree, denyhosts, fail2ban
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-08-15 18:29:14 UTC (rev 6320)
+++ data/CVE/list 2007-08-15 19:10:19 UTC (rev 6321)
@@ -19,49 +19,52 @@
CVE-2007-4343
RESERVED
CVE-2007-4342 (PHP remote file inclusion vulnerability in include.php in PHPCentral ...)
- TODO: check
+ NOT-FOR-US: PHPCentral
CVE-2007-4341 (PHP remote file inclusion vulnerability in adm/my_statistics.php in ...)
- TODO: check
+ NOT-FOR-US: Omnistar Lib2 PHP
CVE-2007-4340 (PHP remote file inclusion vulnerability in index.php in phpDVD 1.0.4 ...)
- TODO: check
+ NOT-FOR-US: phpDVD
CVE-2007-4339 (Multiple PHP remote file inclusion vulnerabilities in PHPCentral Poll ...)
- TODO: check
+ NOT-FOR-US: PHPCentral Poll Script
CVE-2007-4338 (index.php in Ryan Haudenschilt Family Connections (FCMS) 0.6 and ...)
- TODO: check
+ NOT-FOR-US: Family Connections
CVE-2007-4337 (Buffer overflow in the httplib_parse_sc_header function in lib/http.c ...)
- streamripper 1.62.2-1 (medium)
CVE-2007-4336 (Buffer overflow in the Live Picture Corporation ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2007-4335 (Format string vulnerability in the SMTP server component in Qbik ...)
- TODO: check
+ NOT-FOR-US: Qbik WinGate
CVE-2007-4334 (Cross-site scripting (XSS) vulnerability in whois.php in Php-stats ...)
- TODO: check
+ NOT-FOR-US: Php-stats
CVE-2007-4333 (Multiple cross-site scripting (XSS) vulnerabilities in signup.php in ...)
- TODO: check
+ NOT-FOR-US: Article Dashboard
CVE-2007-4332 (SQL injection vulnerability in article.php in Article Dashboard, when ...)
- TODO: check
+ NOT-FOR-US: Article Dashboard
CVE-2007-4331 (PHP remote file inclusion vulnerability in index.php in FindNix allows ...)
- TODO: check
+ NOT-FOR-US: FindNix
CVE-2007-4330 (PHP remote file inclusion vulnerability in shoutbox.php in Shoutbox ...)
- TODO: check
+ NOT-FOR-US: Shoutbox
CVE-2007-4329 (Multiple PHP remote file inclusion vulnerabilities in Web News 1.1 ...)
- TODO: check
+ NOT-FOR-US: Web News
CVE-2007-4328 (Multiple PHP remote file inclusion vulnerabilities in Mapos Bilder ...)
- TODO: check
+ NOT-FOR-US: Bilder Galerie
CVE-2007-4327 (Multiple PHP remote file inclusion vulnerabilities in File Uploader ...)
- TODO: check
+ NOT-FOR-US: File Uploader
CVE-2007-4326 (Multiple PHP remote file inclusion vulnerabilities in Bilder Uploader ...)
- TODO: check
+ NOT-FOR-US: Bilder Uploader
CVE-2007-4325 (PHP remote file inclusion vulnerability in index.php in Gaestebuch 1.5 ...)
- TODO: check
+ NOT-FOR-US: Gaestebuch
CVE-2007-4324 (ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0 allows remote ...)
- TODO: check
+ - flashplugin-nonfree <unfixed>
+ [etch] - flashplugin-nonfree <no-dsa> (non-free not supported)
+ [sarge] - flashplugin-nonfree <no-dsa> (non-free not supported)
CVE-2007-4323 (DenyHosts 2.6 does not properly parse sshd log files, which allows ...)
- TODO: check
+ - denyhosts <unfixed> (bug #438162; medium)
CVE-2007-4322 (BlockHosts before 2.0.4 does not properly parse (1) sshd and (2) ...)
- TODO: check
+ NOT-FOR-US: BlockHosts
CVE-2007-4321 (fail2ban 0.8 and earlier does not properly parse sshd log files, which ...)
- TODO: check
+ - fail2ban <unfixed> (medium)
+ NOTE: maybe fixed in 0.8.0-4, pinged maintainer (sf)
CVE-2007-4320 (PHP remote file inclusion vulnerability in ...)
TODO: check
CVE-2007-4319 (The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel ...)
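Review bot: The fail2ban entry for CVE-2007-4321 is marked `<unfixed> (medium)` without a bug reference, while the denyhosts entry for CVE-2007-4323, whose description reports the same sshd log parsing problem, carries `bug #438162`. The NOTE only says "maybe fixed in 0.8.0-4", so the status rests on an unconfirmed guess. Once the maintainer answers, the line should record either a bug number in the same form as the denyhosts line or the confirmed fixed version in place of `<unfixed>`. The unstable line for flashplugin-nonfree (CVE-2007-4324) likewise has no bug reference or urgency. For CVE-2007-4336, the visible description names Live Picture Corporation but the tag reads `NOT-FOR-US: Microsoft`; naming the affected product in the tag would let a reader check the triage decision from the list alone.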